Ansible權威指南筆記（粗略）

在托管節(jié)點上安裝

python

解釋器

ansible myhost --sudo -m raw -a "yum install -y python2 python-simplejson"

各個平臺上安裝

ansible http://www.ansible.com.cn/docs/intro_installation.html

#python

多環(huán)境管理：

pyenv

和

virutalenv

etc/ansible: ansible.cfg hosts

#ansible.cfg

inventory

library

module_name

########################################

ansible all -m ping -u root --sudo

ansible all -m copy -a "src=/etc/fstab dest=/tmp/fstab owner=root group=root

mode=644 backup=yes"

ansible-galaxy init,install,list,remove

ansible-pull

定期執(zhí)行任務

ansible-doc -l

ansible-doc ping

ansible-playbook playbook.yml

ansible-vault encrypt/decrypt xx.yml?

加密解密

########hosts

192.168.1.1

ntp.mmm.com:222

[xxx]

xx[10:20].xx.com

[xxx:vars]

xx=aa

cc=bb

[webservers:children]

ansible_ssh_host

ansible_ssh_port

ansible_ssh_user

ansible_ssh_pass

ansible_ssh_private_key_file=

############################

ansible webs -m service -a "name=httpd state=restarted"

ansible "webs1:webs2"

ansible "webs1:!xxx"

ansible "webs1:&xx:!xxxx"

ansible ~web1*? ? #

正則匹配主機

###################################

ansible -i inventory

-f

線程數(shù)

--private-key

-m

-M

模塊路徑

-k

認證密碼

-K sudo

密碼

-o

輸出成一行

-s? sudo

-T

時間

-B

后臺執(zhí)行命令的時間

-u

用戶

-l

指定運行的主機

###################

ansible proxy -f 5 -m ping

ansible proyx -s -m command -a "hostname"

ansible proxy --list

time ansible 192.168.1.1 -B 5 -P 2 -T 2 -m command -a 'sleep 20' -u root ##

對

192.168.1.1

以用戶

root

執(zhí)行

sleep 20

，設置最大連接超時時長為

#2s

反砌，且設置為后臺運行模式贱纠，執(zhí)行過程每

輸出一次進度，如

還未執(zhí)行完則終止該任務蝌衔。

ansible apps -a "df -lh"

ansible apps -m shell -a "free -m"

ansible apps -m yum -a "name=redhat-lsb state=present"

ansible apps -m yum -a "name=ntp state=present"

ansible apps -m service -a "name=ntpd state=started enabled=yes"

ansible apps -m command -a "service ntpd status" --limit "192.168.1.22"

###################################

新增用戶

ansible db -m user -a 'name=dba shell=/bin/bash groups=admins,dbagroup

append=yes home=/home/dba/ state=present'

ansible db -m user -a 'name=dba groups=ddd append=no'? #

變更用戶屬性

ansible db -m user -a 'name=dba state=absent remove=yes'? #

刪除用戶

ansible db -m user -a "name=tom shell=/bin/bash password=to32cxooiudsof

update_password=always" ##

變更密碼弄企，密碼必須自己

sha-512

生成

ansible xx -m win_user -a "name=stanly password=xxxxxxx group=Administrators"?

##win

用戶

ansible xx -m mysql_user -a "login_host=localhost login_password=123456

login_user=root name=stanly password=123456 priv=zabbix.*:ALL state=present"

###

新增

mysql

用戶

###########################################################

##yaml

語法

不要使用

tab

相同階層的元素左對齊

##########

########playbook

語法

---? #

開頭

- hosts: webservers

vars:

http_pot: 80

max_clients: 222

remote_user: root

tasks:

- name: ensdlfjsd

yum: pkg=httpd state=latest

- name: xx

template: src=/srv/httpd.j2 dest=/etc/httpd.conf

notify: restart apache

- name: xx

service: name=httpd state=started

handlers:

- name: restart apache

service: name=httpd state=restarted

#################################

############shellplaybook

---

- hosts: all

tasks:

- name: "setup apache"

command: yum install --quiet -y httpd httpd-devel

- name: "copy configure"

command: cp /tmp/httpd.conf /etc/httpd/conf/httpd.conf

command: cp /tmp/httpd-vhosts.conf /etc/httpd/conf/httpd-vhosts.conf

command: service httpd start

command: chkconfig httpd on

####################################################ansible-playbook

./playbook.yml

ansible-playbook --limit xx.com

ansible-playbook --list-hosts? #

列出哪些主機受影響

--remote-user=tom

#########node.js

不全

---

- hosts: all

tasks:

- name: gpg

rpm_key: "key={{ item }} state=present"

with_items:

- "http://rpms.famillecollet.com/RPM-GPG-KEY-remi"

- name: install remi repo

command: "rpm -Uvh --force {{ item.href }} creates={{ item.creates }}"

with_items:

- href: "http://rpms.famillecollet.com/enterprise/remi-release-6.rpm"

- creates: "/etc/yum.repos.d/remi.repo"

yum: name=epel-release state=present

service: name=iptables state=stopped

service: name=firewalld state=stopped

yum: name=npm state=present enablerepo=epel

command: npm config set registry https://registry.npm.taobao.org

command: npm config set strict-ssl false

npm: name=forever global=yes state=latest

file: "path={{ node_apps_location }} state=directory"

copy: "src=app dest={{ node_apps_location }}"

npm: "path={{ node_apps_location }}/app"

########################################################ansible-playbook

--extra-vars="node_apps_location=/usr/local/opt/node"

###ansible

安裝部署

drupal https://www.howtoing.com/how-to-create-an-ansible-

playbook-to-automate-drupal-installation-on-ubuntu-14-04/

###ansible

安裝部署

tomcat https://www.cnblogs.com/Carr/p/7447309.html?

http://blog.51cto.com/miaocbin/1893759

###ansible

安裝部署

JDK? https://www.cnblogs.com/guxiong/p/7241885.html

###handler

模塊

handlers:

- name: restart apache

service: name=apache2 state=restarted

notify: restart memcached

- name: restart memcached

service: name=memcached state=restarted

notify:

- restart apache

- restart memcached

###################

ansible-playbook xx.yml --extra-vars "foo=bar"

ansible-playbook xx.yml --extra-vars "@xx.json"

主機變量

host1 xx=bar? {{ hostvars['host1']['xx'] }}

#gather_facts: no

在遠程主機上

/etc/ansible/xx.fact

戏挡，則

setu

模塊將返回

fact

的內容

[users]

admin=xx

###

條件判斷

- name:

[task xxx]

when: software_version.split('.')[0] == '4'

##register

- command: my-app --status

-command: do-something-to-my-app

when: "'ready' in myapp_result.stdout"

#myapp_result.stdout.find('xxx') == -1

####################

如果

PHP

為

，則降級

- shell: php --version

- shell: yum -y downgrade php*

when: "'7.0' in php_version.stdout"

#####

####

如果主機的

hosts

不存在左权，就傳一個文件過去

- stat: path=/etc/hosts

- copy: src=path/local/file dest=/path/remote/file

when: hosts_file.stat.exists == false

################################

交互

hosts: all

vars_prompt:

- name: user

prompt: "what is your name"

#######confirm

為用戶輸入兩次

#########wait_for

模塊?

delegate_to

模塊

Ansible權威指南筆記（粗略）

推薦閱讀更多精彩內容